Constraining the Implementation Through Architectural Security Rules: An Expert Study

  • Stefanie Jasser
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11915)


Today, security is still considered too late in the software engineering process. Architectural rules for security can support software architects and developers in consciously taking security into account during the design and implementation phases, and they allow a software system's security level to be monitored. As a step towards monitoring and controlling the erosion of an architecture's security specifications, we present a set of rules derived from well-known security building blocks such as security patterns, together with the process by which we identified them. Through these rules we aim to support architects in monitoring the implementation's conformance with the intended security measures and, hence, in building secure software systems. The identified architectural security rules are evaluated through expert interviews with industrial software engineers.
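To make concrete what checking an implementation against such rules can look like, here is an added example; it is not the paper's tooling and not its rule set. Three hypothetical rules in the spirit of the well-known Single Access Point / Check Point and layered-access security patterns are evaluated against a module dependency graph extracted from constructed Python sources with the standard `ast` module. All module names, the "top-level package is the layer" convention and the rules themselves are assumptions made for illustration.

```python
"""Illustrative checker for architectural security rules over a module dependency
graph. Added example, not the paper's tooling; module names, layers and rules
are hypothetical."""
import ast
from dataclasses import dataclass
from typing import Callable, Dict, List, Set

# Constructed sample code base (module name -> source). Real tooling would read
# the files of the system under review instead.
SAMPLE_SOURCES: Dict[str, str] = {
    "web.api":         "import auth.checkpoint\nimport service.orders\n",
    "web.admin":       "import db.repo\n",          # skips the checkpoint, hits db directly
    "service.orders":  "import auth.checkpoint\nfrom db import repo\n",
    "auth.checkpoint": "import crypto.tokens\n",
    "db.repo":         "import crypto.tokens\n",    # token-key handling outside auth
    "crypto.tokens":   "",
}

DepGraph = Dict[str, Set[str]]


def extract_dependencies(sources: Dict[str, str]) -> DepGraph:
    """Build module -> imported modules from source text using the ast module,
    covering both `import x.y` and `from x import y` forms."""
    graph: DepGraph = {}
    for name, src in sources.items():
        imported: Set[str] = set()
        for node in ast.walk(ast.parse(src)):
            if isinstance(node, ast.Import):
                imported.update(alias.name for alias in node.names)
            elif isinstance(node, ast.ImportFrom) and node.module:
                imported.add(node.module)
        graph[name] = imported
    return graph


def layer(module: str) -> str:
    """The top-level package is treated as the architectural layer (assumed convention)."""
    return module.split(".", 1)[0]


@dataclass(frozen=True)
class Rule:
    name: str
    check: Callable[[DepGraph], List[str]]   # returns one message per violation


def entry_points_route_through(entry_layer: str, checkpoint: str) -> Callable[[DepGraph], List[str]]:
    """Single Access Point / Check Point: every module of the entry layer must
    depend on the checkpoint component."""
    def check(graph: DepGraph) -> List[str]:
        return [f"{m} does not depend on {checkpoint}"
                for m in sorted(graph)
                if layer(m) == entry_layer and checkpoint not in graph[m]]
    return check


def usage_restricted_to(target_layer: str, allowed_layers: Set[str]) -> Callable[[DepGraph], List[str]]:
    """Only the allowed layers may depend on the target layer (e.g. data access
    only via the service layer, key-handling code only via the auth component)."""
    def check(graph: DepGraph) -> List[str]:
        return [f"{m} -> {dep}: {target_layer} may only be used by {sorted(allowed_layers)}"
                for m in sorted(graph) for dep in sorted(graph[m])
                if layer(dep) == target_layer and layer(m) not in allowed_layers]
    return check


# Hypothetical rule set for the sample system above.
RULES: List[Rule] = [
    Rule("web entry points go through auth.checkpoint",
         entry_points_route_through("web", "auth.checkpoint")),
    Rule("db only reachable from service layer",
         usage_restricted_to("db", {"service", "db"})),
    Rule("crypto only used by auth component",
         usage_restricted_to("crypto", {"auth", "crypto"})),
]


def check_conformance(sources: Dict[str, str], rules: List[Rule]) -> Dict[str, List[str]]:
    """Run every rule against the dependency graph; the result maps rule name to violations."""
    graph = extract_dependencies(sources)
    return {rule.name: rule.check(graph) for rule in rules}


if __name__ == "__main__":
    for rule_name, violations in check_conformance(SAMPLE_SOURCES, RULES).items():
        status = "OK" if not violations else f"{len(violations)} violation(s)"
        print(f"[{status}] {rule_name}")
        for v in violations:
            print("   ", v)
```

Run as a script, the checker reports that `web.admin` bypasses the checkpoint and reaches the data layer directly, and that `db.repo` pulls in the token-handling module reserved for the authentication component. Expressing each rule as a predicate over the dependency graph is what makes it re-runnable on every build, which is the point of monitoring erosion rather than auditing once.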


Keywords: Software architecture, Security by design, Secure architecture, Security constraints, Architectural constraints, Architecture erosion, Architecture violations



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. University of Hamburg, Hamburg, Germany